mfischer Sun May 19 03:52:59 2002 EDT
Modified files:
/phpdoc/en/reference/posix reference.xml
Log:
- Posix extension should not really be used in environment where security
matters. Also add note it's not availabvle on win32.
# This renders all open posix reports about safe_mode obsolete.
Index: phpdoc/en/reference/posix/reference.xml
diff -u phpdoc/en/reference/posix/reference.xml:1.2
phpdoc/en/reference/posix/reference.xml:1.3
--- phpdoc/en/reference/posix/reference.xml:1.2 Mon Apr 15 17:57:17 2002
+++ phpdoc/en/reference/posix/reference.xml Sun May 19 03:52:59 2002
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="iso-8859-1"?>
-<!-- $Revision: 1.2 $ -->
+<!-- $Revision: 1.3 $ -->
<reference id="ref.posix">
<title>POSIX functions</title>
<titleabbrev>POSIX</titleabbrev>
@@ -15,6 +15,25 @@
and this module tries to remedy this by providing easy access to
these functions.
</para>
+ <warning>
+ <para>
+ Sensitive data can be retrieved with the <link
+ linkend="ref.posix">POSIX</link> functions, e.g.
+ <function>posix_getpwnam</function> and friends. None of the <link
+ linkend="ref.posix">POSIX</link> function perform any kind of access
+ checking when <link linkend="ini.safe-mode">safe mode</link> is enabled.
+ It's therefore <emphasis role="strong">strongly</emphasis> advised to
+ disable the <link linkend="ref.posix">POSIX</link> extension at all (use
+ <literal>--disable-posix</literal> in your configure line) if you're
+ operating in such an environment.
+ </para>
+ </warning>
+ <note>
+ <para>
+ The <link linkend="ref.posix">POSIX</link> extension is <emphasis
+ role="strong">not</emphasis> available on the Windows platform.
+ </para>
+ </note>
</partintro>
&reference.posix.functions;
